The Clara framework for hybrid typestate analysis

  • Authors: Eric Bodden; Laurie Hendren
  • Affiliations: Technische Universität Darmstadt, Software Technology Group, Darmstadt, Germany; McGill University, Sable Research Group, Montréal, Québec, Canada
  • Venue: International Journal on Software Tools for Technology Transfer (STTT), Runtime Verification
  • Year: 2012


Abstract

A typestate property describes which operations are available on an object or a group of inter-related objects, depending on the internal state of that object or group, the typestate. Researchers in the field of static analysis have devised static program analyses to prove the absence of typestate-property violations on all possible executions of a given program under test. Researchers in runtime verification, on the other hand, have developed powerful monitoring approaches that are guaranteed to capture property violations on actual executions. Although static analysis can greatly benefit runtime monitoring, up until now most static analyses have been incompatible with most monitoring tools. We present Clara, a novel framework that makes these approaches compatible. With Clara, researchers in static analysis can easily implement powerful typestate analyses. Runtime-verification researchers, on the other hand, can use Clara to specialize AspectJ-based runtime monitors to a particular target program. To make aspects compatible with Clara, the monitoring tool annotates them with so-called dependency state machines. Clara uses the static analyses to automatically convert an annotated monitoring aspect into a residual runtime monitor that is triggered by fewer program locations. If the static analysis succeeds on all locations, this proves that the program fulfills the stated typestate properties, making runtime monitoring entirely obsolete. If not, the residual runtime monitor is still optimized. We instantiated Clara with three static typestate analyses and applied these analyses to monitoring aspects generated from tracematches. In two-thirds of the cases in our experiments, the static analysis succeeds on all locations, proving that the program fulfills the stated properties and completely obviating the need for runtime monitoring. In the remaining cases, the runtime monitor is often significantly optimized.
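The abstract describes the core mechanism only in outline: a monitoring aspect is annotated with a dependency state machine, and static analyses strip instrumentation points (AspectJ "shadows") that can never contribute to a property violation, leaving a residual monitor or none at all. The following is an added illustration of that idea in Python, not Clara's code and not its AspectJ integration. The typestate property ("no write after close"), the abstract program with its per-shadow object sets, and the two pruning rules (a quick check on which symbols the program emits at all, and a per-object grouping that stands in for a real points-to analysis) are all assumptions made for this example.

```python
"""Toy residual-monitor specialization in the spirit of Clara.

Added illustration, not Clara's code.  The property, the constructed program
and the pruning rules below are assumptions made for the example.
"""
from collections import deque

# Dependency state machine for the typestate property
# "a connection must not be written to after it has been closed".
# States: 0 = open, 1 = closed, 2 = violation (the only final state).
# Every symbol has a transition in every state, as a tracematch automaton does.
INITIAL = 0
FINAL = {2}
TRANSITIONS = {
    (0, "connect"): 0, (0, "write"): 0, (0, "close"): 1,
    (1, "connect"): 0, (1, "write"): 2, (1, "close"): 1,
    (2, "connect"): 2, (2, "write"): 2, (2, "close"): 2,
}

# Constructed program: each shadow is (source location, symbol, set of abstract
# connection objects the shadow may operate on, as a points-to analysis would
# report them).  Locations and object names are made up for the example.
PROGRAM = [
    ("Client.java:12", "connect", {"c1"}),
    ("Client.java:20", "write",   {"c1"}),
    ("Client.java:31", "close",   {"c1"}),
    ("Batch.java:8",   "connect", {"c2"}),
    ("Batch.java:15",  "write",   {"c2"}),   # c2 is never closed
    ("Pool.java:40",   "close",   {"c3"}),   # c3 is never written to
]

# A second constructed program that never closes anything at all.
CLEAN_PROGRAM = [
    ("Job.java:5",  "connect", {"c1"}),
    ("Job.java:9",  "write",   {"c1"}),
]


def reachable(transitions, start):
    """States reachable from `start` under the given (possibly pruned) transitions."""
    seen, work = {start}, deque([start])
    while work:
        s = work.popleft()
        for (src, _sym), dst in transitions.items():
            if src == s and dst not in seen:
                seen.add(dst)
                work.append(dst)
    return seen


def residual_for_group(shadows, transitions=TRANSITIONS, initial=INITIAL, final=FINAL):
    """Quick-check style pruning for shadows that may all act on one object.

    1. Transitions on symbols the group never emits can never fire: drop them.
    2. If no final state stays reachable, this group cannot violate the
       property, so none of its shadows needs monitoring.
    3. Otherwise keep only shadows whose symbol can change the monitor state
       in some reachable state; a symbol that only self-loops never affects
       the verdict and its shadows can be dropped.
    """
    present = {sym for _loc, sym, _objs in shadows}
    pruned = {(s, a): t for (s, a), t in transitions.items() if a in present}
    live = reachable(pruned, initial)
    if not (live & final):
        return []
    relevant = {a for (s, a), t in pruned.items() if s in live and t != s}
    return [sh for sh in shadows if sh[1] in relevant]


def specialize_monitor(program):
    """Orphan-shadow style specialization: group shadows by the abstract object
    they may bind, run the quick check per group and keep the union.  A shadow
    survives if any object it may alias can still reach a violation.
    Returns (residual shadows in program order, monitoring_obsolete)."""
    objects = set().union(*(objs for _loc, _sym, objs in program))
    keep = set()
    for obj in sorted(objects):
        group = [i for i, sh in enumerate(program) if obj in sh[2]]
        kept = residual_for_group([program[i] for i in group])
        keep.update(i for i in group if program[i] in kept)
    residual = [program[i] for i in sorted(keep)]
    return residual, not residual


def residual_locations(program):
    """Locations the specialized aspect would still advise."""
    residual, _obsolete = specialize_monitor(program)
    return [loc for loc, _sym, _objs in residual]


if __name__ == "__main__":
    for name, prog in (("PROGRAM", PROGRAM), ("CLEAN_PROGRAM", CLEAN_PROGRAM)):
        residual, obsolete = specialize_monitor(prog)
        print(name, "monitoring obsolete:", obsolete)
        for loc, sym, objs in residual:
            print("  keep", loc, sym, sorted(objs))
```

On PROGRAM only the three Client.java shadows survive: the Batch.java group can never reach the violation state because nothing closes c2, and the lone close on c3 has no write to follow it. On CLEAN_PROGRAM the final state is unreachable for every object, which is the "analysis succeeds on all locations" outcome where the monitor is not needed at all. A real implementation must take the object sets from a sound points-to analysis; if two shadows may alias, they must end up in a common group, otherwise the specialization is unsound.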